indicator identifies this floppy/CD-ROM drive for the secured domain. 

19. The unsecured domain's floppv /CD RQ M DVD/CDRW combo as set forth in claim 
17 is installed into a separate 51/4" drive bay and is connected directly to the unsecured 
motherboard/CPU and can only process data and information for the unsecured domain. 
A green indicator identifies this floppy/CD-ROM drive for the unsecured domain. 



Description 



BACKGROUND OF INVENTION 

[0001] This invention relates to a multilevel network secure computer system built within 
a custom secure case which is comprised of two or more hardware domains that are 
active concurrently. This system can switch keyboard and mouse functions b etween the 
classified and unclassified domains and monitors instantly and control user access to the 
computer itself and the secure network without powering down one domain and then re- 
booting and powering up to the second or third domain. Subsequently this results in no 
data loss and no switching delays. The final result is instant viewing of classified or 
unclassified data in one computer case without any chance of data being compromised. 
This is achieved using hardware-based technology and without any shared devices within 
the system. The case , KM switch. EMF shield, and the power supply are the only shared 
devices. 

SUMMARY OF INVENTION 

[0002] Prior design of multilevel computer systems include the use of complicated 
mechanical switching mechanisms (U.S. Pat. No. 6,009,518) or the addition of complex 
circuitry with relays and microprocessors controlled via automatic teller machine (ATM) 
styled keypads requiring a personal identification number (PIN) for switching fi-om one 
network domain to the other by powering down one domain and powering up to another 
domain. (U.S. Pat. Nos. 6,389,542,76,351,810) These systems result in total loss of data 
between one domain to the other during switchover which includes operating system 
shutdown and re-booting along with substantial switching time delays. Most of such 
computer systems share the same central processing units (CPU), random access memory 
(RAM), universal serial bus (USB) controllers, video memory, floppy drives, and 
compact disk read only memory (CD-ROM) drives. They also use coromonly available 
Smart Card.RTM. readers/writer technology for additional user access control. 

[0003] The objective of this invention is to provide a custom-built secure multilevel 
computer system to provide data security fi'om within and prevent inside unauthorized 
user access as well as outside unauthorized user access via the Intemet or a networic. This 
invention was requested by the Department of Defense, the Pentagon and other 
government agencies to be used in critical operating environments for secured and 
unsecured networks that need to be viewed without delays. These environments require 
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processing of unclassified and classified data instantly and without compromising data 
security between domains and without powering down and re-booting between domains 
which results to data loss upon switching between domains contained in the same 
compute r with the dual monitors « 

[0004] The benefits of this technology other than data security include; instant domain 
switching, reduced foo^rint, reduced power consumption, reduced heat ou^ut, reduced 

EMF emissions, reduced maintenance and acquisition costs, and reduced operating 
system costs. 

BRIEF DESCRIPTION OF DRAWINGS 

[0005] FIG. 1 is a block diagram of the DataVaultX4 Multi-Network Computer. 
[0006] FIG. 2 is the rear view of the DataVauUX4 Multi-Network Computer. 
[0007] FIG. 3 is the fi-ont view of the DataVaultX4 Multi-Network Computer. 
DETAILED DESCRIPTION 

[0008] By implementing a physical hardware access control of the specially constructed 
computer case itself via a hardware lock/key cover for the front of the computer case as 
well as the back, ensures a solid access control to the physical hardware itself before the 
computer can be turned on via an electromechanical key lock which is similar to the 
ignition key of a vehicle. 

[0009] Each hardware domain within the specially constructed cast iron computer case 
has its own CPU, memory, motherboard, network card, video card, sound card, hard 
drive, floppy drive, parallel and serial ports, USB, CD-ROM driv e, monitors, and 
separate color-coded reset buttons, (red and green) on the fix>nt side of the computer case. 
The red button indicates the secured domain hardware reset and the green indicates the 
unsecured domain hardware reset. Each hardware domain can be re-booted and restarted 
independently without affecting the other domain, during software installations. The 
Smart Card.RTM. reader/writer is connected only on the secured hardware domain which 
provides access to authorized users only. A third optional hardware domain can be 
controlled through the same access control method using the Smart Card.RTM. 
reader/writer. 

[0010] Upon powering-on the computer using the physical key in the lock which is in the 
front of the computer case, both hardware domains activate and access to the imsecured 
domain is available by default. The unsecured domain is defined by its own memory 
device or hard drive for storing data which by definition is a domain level with 
unrestricted access. The first domain level with unrestricted access may fiirther have a 
modem device for telecommunication for internet access as well as a network card for 
unsecured network access. The unsecured domain also has its own independent read-only 
memory device such as CD-ROM and a floppy disk drive labeled with a green dot for 



easy identification. 

[001 1] By pressing the domain selector switch on the front panel of the system or by 
pressing (in quick succession) the ''key scroll" twice then ''arrow up'' or "arrow down'' 
keys on the keyboard r e d button on th e e l e ctronic KVM (k e yboard/vid e o/mous e ) switch , 
access to the second domain level is restricted by the Smart Card.RTM. reader/writer. 
The authorized user must then insert his own personal ID card into the Smart Card,RTM. 
reader/writer for access and user identification and authentication by entering his PIN 
(personal identification number or password). Once a PIN number is entered, the 
authorized user can proceed and access the secured domain or classified network. At any 
time the authorized user wishes to switch to the unsecured domain network, he or she can 
do so by pressing the domain selector switch on the front panel of the system or by 
pressing (in quick succession) the "key scroll" twice then "arrow up" or "arrow down"' 
keys on the keyboard u nsecur e d button on th e KVM switch and instantly access the 
internet or unsecured network without having to shut down the secured domain and re- 
boot the unsecured domain. The authorized user can switch back to the secure domain by 
pressing the domain selector switch on the front panel of the system or by pressing (in 
quick succession) the "key scroll" twice then "arrow up" or "arrow down" keys on the 
keyboard secur e d button on th e KVM switch and switch keyboard an mouse functions 
within less than a second without re-powering or re-booting domains and without a loss 
of data on either domains. 

[0012] The secured domain is also defined by its own memory device and a removable 
hard drive case with a lock key, for storing data, which by definition is a domain level 
with restricted access. The secured domain also has its own monitor and independent 
read-only memory device such as compact disk CD-ROM and a floppy disk labeled with 
a red dot for easy identification. When the secured domain authorized user completes his 
or her assignment, they can then perform normal system shutdown and remove the 
secured domain*s hard drive without affecting the operation of the unseciu'ed domain. 

[001 3] In order to ensure that data may not bleed-over firom the unsecured domain and 
networic to the secured domain and network within the case, the motherboards and 
network devices were placed with three inches apart and were separated with a special 
microwave almninimi shield. This shield assures the integrity of data access control, data 
storage, and data communications for both the secure and unsecured sides of the 
computer will remain in tact emphasizing that top level security will be maintained for 
classified network activities. 

[0014] The physical back cover keyAock prevents unauthorized users from manipulating 
network cables between the secured and unsecured domains as well as preventing 
removal of other devices such as videe/keyboard/mouse cables. The case also includes an 
"open case" audible alarm. 

[0015] The DataVaultX4 offers a solid hardware based security solution that securely 
processes and stores unclassified and classified data without requiring two separate 

computers to achieve this effect. The Data Vault X4 incorporates a non-software 



dependent electromechanical key-lock that requires a high level security key to activate 
it, and this key cannot be removed while in operation nor can it be duplicated. The 
removable classified hard drive on the secured domain requires a key for removal since 
classified hard drives must be placed in a safe when not in use. The second layer of 
security for the classified domain is implemented through the built-in dedicated Smart 
Card.RTM. reader/writer that provides access control and user identification and 
authentication. The DataVaultX4 has the security functionality of up to three separate 
computers in a single cost-effective workstation. A single DataVaultX4 requires only 
one software license, monitor, keyboard and mouse and dramatically reduces heat output, 
power consumption and space requirements by at least one half, along with significantly 
reducing maintenance, life-cycle and repair costs of the multiple computers that it could 
replace. DATAVAULTX4 COMPONENTS (FIG. 1) The DataVaultX4 is built in a 
heavy-duty cast iron computer case (1) especially designed to acconmiodate 14 
expansion slots instead of the traditional 6 or 8. The case has a low EMF radiation output 
level and a 350 watt power supply (3X one electronic on/off switch (2) and one hardware 
access control electronic/mechanical keyed switch (4) for identification/authentication. 
Within the case are two completely isolated and independent domains, one unsecured 
(Designated "U") for general use and one secure (Designated "S") each with an isolated 
reset button (10 & 13) respectively. Both domains operate and are active concurrently. 
Each domain contains two isolated memory banks (5 & 9), two isolated CPU (1 1 & 12), 
two isolated hard drives (18 & 19 where the secure hard drive is removable), two isolated 
network cards (NIC), (16 & 17), two isolated video cards (24 & 25), two isolated 3.5 inch 
Floppy/DVD CD-ROM combo drives (20 & 21), and two isolated keyboard/mouse 
controllers. (2 6.28 & 27,29) Each of these pairs of components are on the respective 
secure and unsecured sides of the computer. The unsecured side of the computer also has 
an optional modem feature (14) and both sides of the computer have optional sound card 
features (22 & 23)^The secure side of the computer incorporates a Smart Card.RTM. 
reader/writer (15) for an additional layer of security for user access and 
identification/authentication. An EMF shield (7) separates the unsecured side from the 
secure side of the computer so data bleed-over does not otherwise compromise data 
integrity and security. One e xt e rnal internal digital electronic switch (30) operates the 
swapping of a single keyboard (3 1), singl e vid e o monitor (32) , and single mouse (33) 
from the unsecured to the seciu^ domain. Each interchange from one domain to the other 
takes place in approximately one second using the Domain Selector Switch (69) fig.3 
buttons SI and S2 (29 & 30) r e sp e ctiv e ly . No system-wide reset or shutdown is necessary 
when switching domains. Both domains remain active on their dedicated monitors w ith 
no data loss taking place on either domain when switching to the other respective domain 
and back again on demand by the authorized user and without delay for rebooting. 

[0016] Extemal Rear View Datavaul tD ata Vault X4 (FIG. 2) 

[0017] The DataVaultX4 has 14 slots across the rear of the case. Slots 34 through 42 
reside on the secure side of the computer. From left to right they range from a USB card, 
optional sound card, a combination COM/LPT port card, video card and five open slots 
respectively. Separating the secure side from the unsecured side of the computer is an 
EMF radiation shield that physically separates the two domains and motherboards 



respectively (43) . Slots 44 through 47 reside on the unsecured side of the computer. From 
left to right they range from a USB card, sound card, a combination COM/LPT port card, 
video card, and one open slots respectively. 

[0018] A cooling fan (48) and two AC connections are on the left rear side of the case. 
One male AC connection (50) for connecting the computer power supply to 1 1 0 volt 
electrical curren t and one f e male AC conn e ction (50) for supplying 110 volt current to a 
monitor . A locking (53) tamper-proof rear cover (5 1)^ with apertures (54 a& b) for 
cables to exit respective opposite directions of the secure and unsecured sides of the 
computer insure cables can not be switched and therefore maintain data integrity for the 
two separate networks. 

[0019] Extemal Front View Datavaul tD ata Vault X4 (FIG. 3) 

[0020] The DataVaultX4 is first accessed by inserting a physical key in a mechanical 
keyed lock ( 72) on the front cover (71) mounted on a tamper-proof metal hinge (73). An 
electromechanical lock on the fi*ont of the computer requires a physical high-level key to 
first tum-on (70) the computer and boots both domains of the computer up 
simultaneously. The unsecured side is accessible immediately upon booting by default 
and so is the domain and network. To access the secure side of the computer press the 
domain selector switch (69) on the fi-ont panel of the system or by pressing (in quick 
succession) the "key scroll'' twice then ''arrow up" or "arrow down'' keys on the 
keyboard r e d button is pr e ss e d on the KVM (koyboard/vid e o/mouse) e l e ctronic switch 
(§9) which prompts the authorized user to insert a Smart Card.RTM. into the Smart 
Card.RTM. reader/writer (62 ) and a PIN number is requested. Authorization is granted 
upon entering the correct PIN code. To move back to the unsecured domain, press the 
domain selector switch on the fi'ont panel of the system or by pressing (in quick 
succession) the "key scroll" twice then "arrow up" or "arrow down" keys on the 
keyboard t he gr ee n button (62) on th e KVM e l e ctronic switch is push e d and immediate 
switching occurs to the imsecured domain without reset or re-booting and without data 
loss. 

[0021] A removable secure hard drive (60) with a built-in key/lock allows removal for 
safe storage when the computer is not in use, which is located above the two secure and 
unsecured 3.5 DVD-CD ROM combo drives respectively (58, 61) . A cooling fan with 
replaceable air filters (74) adds cooling power to the power supply needed for running the 
dual or triple motherboards and an the LE D's ON - pmsi (67, 68) keeps the user aware 
which Domain is currently selected on a br e ast of vital information while at op e ration of 

ihQDataVaultX4. 



